CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedhatCVE•added 2025/05/22 5:24 a.m.•4 views

CVE-2011-4881

The web server in Certec atvise webMI2ADS aka webMI before 2.0.2 does not properly check return values from functions, which allows remote attackers to cause a denial of service NULL pointer dereference via a crafted HTTP request...

5CVSS6.9AI score0.52365EPSS

RedhatCVE•added 2025/05/22 4:51 a.m.•4 views

CVE-2011-4873

Unspecified vulnerability in the server in Certec EDV atvise before 2.1 allows remote attackers to cause a denial of service daemon crash via crafted requests to TCP port 4840...

5CVSS6.9AI score0.00785EPSS

RedhatCVE•added 2025/05/22 3:23 a.m.•6 views

CVE-2011-4883

The web server in Certec atvise webMI2ADS aka webMI before 2.0.2 does not properly validate values in HTTP requests, which allows remote attackers to cause a denial of service resource consumption via a crafted request...

5CVSS6.9AI score0.12098EPSS

RedhatCVE•added 2025/05/22 3:23 a.m.•7 views

CVE-2011-4880

Directory traversal vulnerability in the web server in Certec atvise webMI2ADS aka webMI before 2.0.2 allows remote attackers to read arbitrary files via a crafted HTTP request...

5CVSS7AI score0.16083EPSS

ICS•added 2018/08/22 12:0 p.m.•36 views

Certec Atvise Server Remote DOS

Overview Independent researcher Luigi Auriemma has identified a denial of service DoS vulnerability in Certec EDV GmbH atvise application. Certec has produced an update that resolves this vulnerability. Mr. Auriemma validated that the update resolves the vulnerability. Affected Products Atvise...

5CVSS7AI score0.00785EPSS

Exploits0References19

NVD•added 2017/05/06 12:29 a.m.•9 views

CVE-2017-6031

A Header Injection issue was discovered in Certec EDV GmbH atvise scada prior to Version 3.0. An "improper neutralization of HTTP headers for scripting syntax" issue has been identified, which may allow remote code execution...

8.8CVSS9AI score0.01153EPSS

Prion•added 2017/05/06 12:29 a.m.•8 views

Design/Logic Flaw

6.8CVSS8.9AI score0.01153EPSS

OSV•added 2017/05/06 12:29 a.m.•2 views

CVE-2017-6029

A Cross-Site Scripting issue was discovered in Certec EDV GmbH atvise scada prior to Version 3.0. This may allow remote code execution...

5.4CVSS6AI score

Prion•added 2017/05/06 12:29 a.m.•14 views

Cross site scripting

A Cross-Site Scripting issue was discovered in Certec EDV GmbH atvise scada prior to Version 3.0. This may allow remote code execution...

3.5CVSS6.7AI score0.00186EPSS

NVD•added 2017/05/06 12:29 a.m.•9 views

CVE-2017-6029

A Cross-Site Scripting issue was discovered in Certec EDV GmbH atvise scada prior to Version 3.0. This may allow remote code execution...

5.4CVSS6.3AI score0.00186EPSS

CVE•added 2017/05/06 12:0 a.m.•47 views

CVE-2017-6031

CVE-2017-6031 affects Certec EDV GmbH atvise scada pre-3.0. The issue is improper neutralization of HTTP headers for scripting syntax (header injection) that may enable remote code execution. Affected: atvise scada prior to version 3.0; exploitability is remotely possible. Mitigation: upgrade to ...

8.8CVSS8.8AI score0.01153EPSS

Cvelist•added 2017/05/06 12:0 a.m.•12 views

CVE-2017-6031

8.9AI score0.01153EPSS

Cvelist•added 2017/05/06 12:0 a.m.•15 views

CVE-2017-6029

A Cross-Site Scripting issue was discovered in Certec EDV GmbH atvise scada prior to Version 3.0. This may allow remote code execution...

5.7AI score0.00186EPSS

CVE•added 2017/05/06 12:0 a.m.•43 views

CVE-2017-6029

CVE-2017-6029 affects Certec EDV GmbH atvise SCADA prior to version 3.0, describing two related issues: a Cross-Site Scripting vulnerability (CWE-79) and a header injection bug (CWE-644) that together may enable remote code execution. The NVD entry confirms the XSS as the primary CVE-2017-6029 it...

5.4CVSS6.2AI score0.00186EPSS

CNVD•added 2017/04/07 12:0 a.m.•1 views

Certec EDV GmbH atvise scada cross-site scripting vulnerability

Certec EDV GmbH is based in Austria. atvise is a web-based HMI monitoring and data acquisition system. A cross-site scripting vulnerability exists in Certec EDV GmbH atvise scada. An attacker may be able to exploit this vulnerability to execute arbitrary script code in the browser of an...

8.8CVSS6.6AI score0.01153EPSS